CVE-2011-4103

The CVE concerns Django Piston: the emitter component (emitters.py) in Django Piston before 0.2.3 and in 0.2.x before 0.2.2.1 fails to properly deserialize YAML data, enabling remote code execution via yaml.load-related vectors. The vulnerability arises from YAML deserialization in the affected c...

Debian Security Advisory DSA 2344-1 (python-django-piston)

The remote host is missing an update to python-django-piston announced via advisory DSA 2344-1. OpenVAS Vulnerability Test $Id: deb23441.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2344-1 python-django-piston Authors: Thomas Reinke Copyright: Copyright ...

Debian: Security Advisory (DSA-2344-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2344-1 : python-django-piston - deserialization vulnerability

It was discovered that the Piston framework can deserializes untrusted YAML and Pickle data, leading to remote code execution CVE-2011-4103 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

[SECURITY] [DSA 2344-1] python-django-piston security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2344-1 [email protected] http://www.debian.org/security/ Florian Weimer November 11, 2011 http://www.debian.org/security/faq -...

DSA-2344-1 python-django-piston - deserialization vulnerability

Bulletin has no description...